<?php
if ($action == "add") {
		if ($dbTable == "assignments") {
			$query_check = "SELECT * FROM assignments WHERE cid = '$cid' AND mid='$mid' ORDER BY assign_num DESC LIMIT 1";
			$check = mysql_query($query_check, $connection) or die(mysql_error());
			$row_check = mysql_fetch_assoc($check);
			$num = $row_check['assign_num'] + 1;
			//echo $query_check;
			
			$insertSQL = sprintf("INSERT INTO assignments (cid, mid, assign_num) VALUES (%s, %s, %s)", 
					GetSQLValueString($cid, "int"),
					GetSQLValueString($mid, "int"),
					GetSQLValueString($num, "int"));
  		}
		
		if ($dbTable == "themes") {
			$query_check = "SELECT * FROM themes WHERE cid = '$cid' AND mid='$mid' ORDER BY theme_num DESC LIMIT 1";
			$check = mysql_query($query_check, $connection) or die(mysql_error());
			$row_check = mysql_fetch_assoc($check);
			$num = $row_check['theme_num'] + 1;
			//echo $query_check;
			
			$insertSQL = sprintf("INSERT INTO $dbTable (cid, mid, theme_num) VALUES (%s, %s, %s)", 
					GetSQLValueString($cid, "int"),
					GetSQLValueString($mid, "int"),
					GetSQLValueString($num, "int"));
  		}			
		mysql_select_db($database, $connection);
  		$result1 = mysql_query($insertSQL, $connection) or die(mysql_error());
		//echo $insertSQL;
		
		if (strstr($_SERVER['HTTP_REFERER'], "&msg")) { $insertGoTo = rtrim($_SERVER['HTTP_REFERER'], "123456789"); $insertGoTo .= "3#".$mid;}
		else { $insertGoTo = $_SERVER['HTTP_REFERER']; $insertGoTo .= "&msg=3#".$mid; }
		header(sprintf("Location: %s", $insertGoTo));
	}

if ($action == "edit") {
	$updateSQL1 = sprintf("UPDATE modules SET module_title=%s, module_overview=%s WHERE id='%s';", 
                       GetSQLValueString($_POST['module_title'], "text"),
					   GetSQLValueString($_POST['module_overview'], "text"),
                       GetSQLValueString($_POST['id_m'], "int")); 
	//echo $updateSQL1."<br>";
	mysql_select_db($database, $connection);
    $result1 = mysql_query($updateSQL1, $connection) or die(mysql_error());
	
	foreach($_POST['id_t'] as $id_t) { 
		$updateSQL2 = "UPDATE themes SET 
		theme_num='".$_POST["theme_num".$id_t]."',
		theme_title='".$_POST["theme_title".$id_t]."'
		WHERE id='".$id_t."';"; 
		mysql_select_db($database, $connection);
		$result1 = mysql_query($updateSQL2, $connection) or die(mysql_error());	
		//echo $updateSQL2."<br>";
	}
	
	foreach($_POST['id_a'] as $id_a) { 
		$updateSQL3 = "UPDATE assignments SET 
		assign_num='".$_POST["assign_num".$id_a]."',
		assign_title='".$_POST["assign_title".$id_a]."'
		WHERE id='".$id_a."';"; 
		mysql_select_db($database, $connection);
		$result1 = mysql_query($updateSQL3, $connection) or die(mysql_error());	
		//echo $updateSQL3."<br>";
	}
	
	if ($go == "overview") 	$updateGoTo = "../index.php?section=view_proposal&cid=".$cid."&msg=2#".$mid;
	elseif ($go == "course_detail") 	$updateGoTo = "../index.php?section=view_course&cid=".$cid."&msg=2#".$mid;
	elseif ($go == "setup") $updateGoTo = "../index.php?section=proposal_titles&cid=".$cid."&msg=2#".$_POST['mid'];
	else $updateGoTo = $updateGoTo."&msg=5";
	//echo $updateGoTo;
	header(sprintf("Location: %s", $updateGoTo));
}

?>